CrowdStrike Chaos Sparks Surge in Phishing Attacks

September 3, 2024


Understanding the Crisis: What Happened and Where We Stand

On July 19, 2024, CrowdStrike, a leading cybersecurity firm, experienced a major global outage impacting numerous organizations worldwide. This disruption was caused by a faulty update to CrowdStrike’s Falcon Sensor software, which is extensively used by businesses and government agencies.

Phishing attacks and more

In the wake of this incident, an ongoing phishing campaign has emerged, targeting CrowdStrike users. Cybercriminals are exploiting the outage to conduct various malicious activities, including:

  • Sending phishing emails disguised as CrowdStrike support to customers
  • Impersonating CrowdStrike staff in phone calls
  • Pretending to be independent researchers with false claims that the technical issue is related to a cyberattack, and offering dubious remediation advice
  • Selling scripts that falsely claim to automate recovery from the update issue

Several malicious domains associated with this phishing campaign, which impersonate the CrowdStrike brand, have been identified. System administrators are advised to update firewall rules to block connections to these domains to protect their networks.

Figure 1: List of Identified malicious domains
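As an added example (not part of the original post, and not the list of identified domains): besides blocking known domains, resolver logs can be scanned for names that contain or closely resemble the brand but do not belong to the legitimate domain. The log format, the `.example` names, the allowlist and the character-folding table are constructed assumptions.

```python
import re

BRAND = "crowdstrike"
LEGIT = ("crowdstrike.com",)  # assumption: extend with the vendor domains you actually use
FOLD = str.maketrans("013457", "oieast")  # assumed digit-for-letter swaps to undo

# Constructed resolver log lines (timestamp, client, queried name); not real indicators.
SAMPLE_LOG = """\
2024-07-20T08:01:12Z 10.0.4.17 www.crowdstrike.com
2024-07-20T08:03:40Z 10.0.4.22 crowdstrike-fix.example
2024-07-20T08:05:02Z 10.0.4.22 Support.CrowdStr1ke.example.
2024-07-20T08:07:55Z 10.0.4.31 crowdstrike.com.login.example
2024-07-20T08:08:30Z 10.0.4.35 crowdstirke-support.example
2024-07-20T08:09:10Z 10.0.4.40 intranet.corp.example
"""

def edit_distance(a, b):
    # Classic Levenshtein distance, kept to one row of state at a time.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def impersonates_brand(name):
    name = name.lower().rstrip(".")
    # Suffix match on label boundaries: "crowdstrike.com.login.example" is NOT legitimate.
    if any(name == d or name.endswith("." + d) for d in LEGIT):
        return False
    folded = name.translate(FOLD)
    if BRAND in folded.replace("-", ""):
        return True
    # Near misses (dropped, added or swapped letters) in any single label or token.
    return any(edit_distance(t, BRAND) <= 2 for t in re.split(r"[.\-_]", folded))

def flag_queries(log_text):
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) == 3 and impersonates_brand(parts[2]):
            hits.append((parts[1], parts[2].lower().rstrip(".")))
    return hits

if __name__ == "__main__":
    for client, qname in flag_queries(SAMPLE_LOG):
        print(f"{client} queried suspected lookalike {qname}")
```

Hits identify internal clients that already resolved a lookalike name, which is where follow-up triage should start; treat matches as leads to review rather than confirmed malicious domains.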

United in Resilience Through Challenging Times

As we navigate the aftermath of this significant incident, it’s vital for organizations to support one another rather than exploit each other’s challenges. The current phishing surge reminds us of the importance of solidarity in the cybersecurity community. By working together and sharing resources, we can all enhance our defenses and better protect our networks.

During these times, the role of advanced security solutions becomes even more critical. Tools designed to safeguard against domain impersonation and detect phishing attempts can provide valuable protection. It’s worth considering how such resources can help strengthen your organization’s resilience against these threats.

By fostering a collaborative approach and utilizing effective security measures, we can collectively address these challenges and build a more secure digital environment. Let’s turn this situation into an opportunity for growth and enhanced mutual protection.
